This one-day course focuses on CIP-005 and CIP-007, the two most technically oriented of the CIP standards. The requirements of these standards will be covered in depth, with detailed technical discussions of tools, techniques, and approaches to both improve security and maintain compliance. The course instructor, Steve Parker, has extensive experience in cybersecurity and is a former NERC CIP auditor with significant practical experience in the field.

This course is designed for utility IT, security, compliance, and operations staff and other industry professionals seeking a detailed understanding of these two standards. In addition to covering versions 3 and 4 of the CIP standards, this course will discuss changes in the proposed version 5 and offer approaches to future-proof compliance and security activities.

Targeted audience

This course is for IT, security, and compliance professionals and operations staff working at an electric utility who are seeking ways to meet their compliance obligations, reduce their regulatory documentation burden, and improve their security posture. It is also for those outside the industry who have an interest in learning more about electric sector cybersecurity solutions.

Agenda

08:00 am – 08:15 am – Introduction

08:15 am – 09:00 am – Unit 1: The ESP – Design and Documentation

09:00 am – 09:30 am – Unit 2: Access Point Controls

09:30 am – 10:00 am – Unit 3: Access Control and Monitoring Devices

10:00 am – 10:15 am – BREAK

10:15 am – 10:45 am – Unit 4: Perimeter Monitoring

10:45 am – 11:15 am – Unit 5: Cyber Vulnerability Assessments

11:15 am – 12:00 pm – Unit 6: Remote Access

12:00 pm – 12:30 pm – LUNCH

12:30 pm – 01:30 pm – Unit 7: Security Testing

01:30 pm – 02:00 pm – Unit 8: Ports and Services

02:00 pm – 02:30 pm – Unit 9: Patch Management

02:30 pm – 02:45 pm – BREAK

02:45 pm – 03:15 pm – Unit 10: Malware Defenses

03:15 pm – 04:00 pm – Unit 11: Access Management

04:00 pm – 04:30 pm – Unit 12: Security Event Monitoring

04:30 pm – 05:00 pm – Q&A and Wrap-up

Instructor Biographies

Steven Parker – CISSP, CISA | EnergySec

Steven Parker, CISA, CISSP, is the Vice President of Technology Research and Projects with the Energy Sector Security Consortium (EnergySec). He was part of the grassroots effort that led to the formation of EnergySec, and has served on its board of directors since 2008.

Steven’s experience includes more than a decade of full-time security work at critical infrastructure organizations including the Western Electricity Coordinating Council, PacifiCorp, and US Bank. He has contributed to a broad range of security projects covering areas such as e-commerce, identity management, intrusion detection, forensics, and security event monitoring.

CANCELLATION

Cancellations received more than one month before the start of the session will be refunded 50% of the tuition for the registered course. Cancellations received less than one month before the start of the session will not be eligible for a refund. The cancellation must be sent in writing to info@energysec.org or to EnergySec, 8440 SE Sunnybrook Blvd Suite 206, Clackamas OR 97015.

POSTPONEMENT

One postponement without a penalty fee is permitted. Any further request for postponement will receive a refund of 50% of the course tuition and new registration will be mandatory at a session date in the same calendar year.